You're absolutely right to flag these. We could enhance the authors method by using hooks and claude.md as a belt-and-suspenders approach— with hooks behaving as a robust load-bearing idempotent production-ready sidecar. The comments here provide the smoking gun that sharpen my previous conclusions about Claude's vernacular. I'll get started on a quick smoke-test of this system and let you know when it's landed.
Want me to take a first pass looking at the blast-radius this vocabulary change could effect?
You're absolutely right to flag this. We could enhance the authors approach by adding a belt-and-suspenders system using Claude.md as ledger and robust sidecar process to create a load-bearing idempotent production-ready system. The comments here provide a smoking gun and sharpens my previous conclusions. I'll get started on a quick smoke-test and let you know when it's landed.
Want me to take a first pass looking at other surfaces this vocabulary change could effect? Or would you like me to find other methods of reducing my vernacular to more terms that are more concise rather than verbose.
You're absolutely right to flag this. A approach using Claude.md as a ledger of less-than-ideal vocabulary reveals that the process is load-bearing and sharpens my previous conclusions. A belt-and-suspependers approach using a hook as a sidecar would honestly be a more production-ready approach. I'll get started on a quick smoke-test and let you know when it's landed.
...
Want me to take a first pass looking at other surfaces this vocabulary change could effect?
Exactly, this would greatly reduce the ability for scammers in "urgent" situations, but for power users who flip the switch on day one it would rarely be a problem. What would be terrible though ... is if Google made it require a network connection or Google approval.
Under that logic, even if the app is "malicious" it would still be possible to install it. And thats not true, if somthing is deemed malicious, its blocked. Is app that hurts Google's dominance "malicious"? Who is it that decides what is malicious?
Please, both hackernews readers and the author take a closer look to see the cracks on the site. I'm fine with using AI generation, but it needs human review especially for legally binding stuff like the privacy policy.
1. Look at the concepts pie on the home page. The text in the pie is unreadable. Its overlapping and overflowing, white text clipping onto a white background with terms like "topic tagging" that are not an actual example. Its like no human looked at the image before putting it on the website. Maybe just a slip up, we all make mistakes, let's keep looking.
2. I didn't understand the data storage/privacy from the video, so let's look at the privacy policy. At one point the policy says "Do we receive any information from third parties?
No, we do not receive any information from third parties."
Right before later saying:
"journal entries or project-related text that you select are sent to the ChatGPT-5 thinking nano API operated by OpenAI."
Open AI *is a third party*! The answer is "Yes we send data to Open AI under these conditions". That's bad.
3. Lets look deeper. The privacy policy says they store 3 things with the first bullet point (in full) being "A unique user ID number that cannot be used to identify you." You're telling me a literal Identification (ID) Number can't identify me? Why does it exist? That is borderline nonsensical.
4. The video has similar vague stuff saying the data is processed locally after saying its going to chatGPT 5.
I'm giving harsh feedback because I want a project like this to exist, be done right, and succeed. I understand "ship fast and iterate". You're going too fast and you're not shipping an MVP, there is lots of feature creep.
Even when everything looks good, people should be hella skeptical about an app that wants to (potentially) harvest extremely personal daily journal logs. When every page smells like "I generated this and didn't fully check it" it makes me imagine how many hidden problems there are in the codebase.
- The kinda-rough AI video tells everyone "I don't have time to record a 5 min video of my own project". If you want me to believe you care, at least hire a narrator on fiver for $20 if you don't like speaking and/or showing your face. Why should I trust what you say you'll do with my most personal data when you don't even show yourself/show a human?
- There's only three important things: pricing, privacy, and the data analysis / coach. Leading with price is good/solved. What's missing is clarity about privacy. The hackernews post is much more clear, the website is not. I don't need more words, I need to know when the data is and is not shared and I need to be convinced you're responsible. Right now stuff like "Dlog’s private AI model" makes it confusing what's local and what's shipped to OpenAI.
- Even when explained clearly, privacy is going to be a problem. Let me use me use my own model/token/url. It's easy to point to a local URL that responds with data in the exact same format as GPT 5. That kind of feature is 10x more important than changing the color of the background.
- I'm not getting a coaching app because it has a good theme engine. Finish talking about coaching/analysis before going into themes and calndars etc. I don't even care how data is entered into the app, until after I know the useful things its doing. Give a real example of insight that changed your daily choices.
- I think you can do it, and I'm glad to see someone trying to meet this usecase.
With context (e.g. no due process) those logs are chilling
> redacted ate sandwich
> redacted and UNK1 purchased head phones
> redacted and UNK1 used their phones to scroll through news
> UNK1 opened settings app and top of phone showed 'redacted iPhone'
All that work being done manually is one thing -- it would be limited to high profile targets. But with AI, its concerning that this kind of detailed transcript could be scaled to mass surveillance.
Want me to take a first pass looking at the blast-radius this vocabulary change could effect?